} } else { $buy_offer = getItemByID($buy_id); $check_name_in_database = $ots->createObject('Player'); $check_name_in_database->find($buy_from); if ($buy_offer['type'] == 'changename') { if (!$check_name_in_database->isLoaded()) { } } if (isset($buy_offer['id'])) { //item exist in database if ($user_premium_points >= $buy_offer['points']) { if (check_name($buy_name)) { $buy_player = new OTS_Player(); $buy_player->find($buy_name); if ($buy_player->isLoaded()) { $buy_player_account = $buy_player->getAccount(); if ($_SESSION['viewed_confirmation_page'] == 'yes' && $_POST['buy_confirmed'] == 'yes') { if ($buy_offer['type'] == 'pacc') { $player_premdays = $buy_player_account->getCustomField('premdays'); $player_lastlogin = $buy_player_account->getCustomField('lastday'); $save_transaction = 'INSERT INTO ' . $SQL->tableName('z_shop_history_pacc') . ' (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, ' . $SQL->quote($buy_player->getName()) . ', ' . $SQL->quote($buy_player_account->getId()) . ', ' . $SQL->quote($buy_from) . ', ' . $SQL->quote($account_logged->getId()) . ', ' . $SQL->quote($buy_offer['points']) . ', ' . $SQL->quote($buy_offer['days']) . ', \'realized\', ' . $SQL->quote(time()) . ', ' . $SQL->quote(time()) . ');'; $SQL->query($save_transaction); $buy_player_account->setCustomField('premdays', $player_premdays + $buy_offer['days']); $account_logged->setCustomField('premium_points', $user_premium_points - $buy_offer['points']); $user_premium_points = $user_premium_points - $buy_offer['points']; $color1 = 'green'; $color2 = 'green'; $color3 = 'green'; $color4 = 'green'; $color5 = 'green';
} $number_of_rows++; $main_content .= '<TR BGCOLOR="' . $bgcolor . '"><TD>Sex:</TD><TD>'; $main_content .= $player->getSex() == 0 ? 'female' : 'male'; $main_content .= '</TD></TR>'; if ($config['site']['show_marriage_info']) { if (is_int($number_of_rows / 2)) { $bgcolor = $config['site']['darkborder']; } else { $bgcolor = $config['site']['lightborder']; } $number_of_rows++; $main_content .= '<TR BGCOLOR="' . $bgcolor . '"><TD>Marital status:</TD><TD>'; $marriage = new OTS_Player(); $marriage->load($player->getMarriage()); if ($marriage->isLoaded()) { $main_content .= 'married to <a href="?subtopic=characters&name=' . urlencode($marriage->getName()) . '"><b>' . $marriage->getName() . '</b></a></TD></TR>'; } else { $main_content .= 'single</TD></TR>'; } } if (is_int($number_of_rows / 2)) { $bgcolor = $config['site']['darkborder']; } else { $bgcolor = $config['site']['lightborder']; } $number_of_rows++; $main_content .= '<TR BGCOLOR="' . $bgcolor . '"><TD>Profession:</TD><TD>' . $vocation_name[$player->getWorld()][$player->getPromotion()][$player->getVocation()] . '</TD></TR>'; if (is_int($number_of_rows / 2)) { $bgcolor = $config['site']['darkborder']; } else {
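/**
 * Permanently delete a character and the rows that reference it.
 *
 * Looks the character up by name, removes its rows from the dependent
 * tables, dissolves the guild when the character is the guild owner
 * (every member's rank is cleared, each rank is deleted, then the guild),
 * and finally deletes the player record itself.
 *
 * This function performs no authorization check: the caller must already
 * have verified that the current user is allowed to delete this character.
 * The statements are not wrapped in a transaction, so a failure part-way
 * through leaves a partially deleted character.
 *
 * @param string $name Character name to delete.
 * @return bool|null TRUE when the character existed and was deleted;
 *                   no value (null) when no character has that name.
 */
function delete_player($name)
{
    $SQL = $GLOBALS['SQL'];
    $player = new OTS_Player();
    $player->find($name);
    if (!$player->isLoaded()) {
        // Unknown character: nothing to delete, no return value (as before).
        return;
    }

    // Cast once so the value concatenated into the SQL below can only be
    // an integer, whatever getId() hands back.
    $player_id = (int) $player->getId();

    // (table, column) pairs that hold rows belonging to this character.
    $dependent_rows = array(
        array('player_skills', 'player_id'),
        array('guild_invites', 'player_id'),
        array('player_items', 'player_id'),
        array('player_depotitems', 'player_id'),
        array('player_spells', 'player_id'),
        array('player_storage', 'player_id'),
        array('player_viplist', 'player_id'),
        array('player_deaths', 'player_id'),
        array('player_deaths', 'killed_by'),
    );
    foreach ($dependent_rows as $target) {
        list($table, $column) = $target;
        try {
            $SQL->query("DELETE FROM " . $table . " WHERE " . $column . " = '" . $player_id . "';");
        } catch (PDOException $error) {
            // Cleanup stays best-effort, but a failed delete is recorded in
            // the server log instead of vanishing, so leftover rows can be
            // traced afterwards.
            error_log('delete_player: cleanup of ' . $table . '.' . $column . ' failed for player id ' . $player_id . ': ' . $error->getMessage());
        }
    }

    $rank = $player->getRank();
    if (!empty($rank)) {
        $guild = $rank->getGuild();
        // Only the owner's deletion dissolves the guild.
        if ($guild->getOwner()->getId() == $player->getId()) {
            $rank_list = $guild->getGuildRanksList();
            if (count($rank_list) > 0) {
                $rank_list->orderBy('level');
                foreach ($rank_list as $rank_in_guild) {
                    $players_with_rank = $rank_in_guild->getPlayersList();
                    $players_with_rank->orderBy('name');
                    if (count($players_with_rank) > 0) {
                        foreach ($players_with_rank as $player_in_guild) {
                            // setRank() with no argument clears the member's rank.
                            $player_in_guild->setRank();
                            $player_in_guild->save();
                        }
                    }
                    $rank_in_guild->delete();
                }
                $guild->delete();
            }
        }
    }

    $player->delete();
    return TRUE;
}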
} elseif ($action == 'setnewpassword') { $newpassword = $_REQUEST['passor']; $code = $_REQUEST['code']; $character = stripslashes($_REQUEST['character']); $main_content .= ''; if (empty($code) || empty($character) || empty($newpassword)) { $main_content .= '<font color="red"><b>Error. Try again.</b></font><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR> <BR><FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post> <TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><center> <INPUT TYPE=image NAME="Back" ALT="Back" SRC="' . $layout_name . '/images/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></center> </TD></TR></FORM></TABLE></TABLE>'; } else { $player = new OTS_Player(); $account = new OTS_Account(); $player->find($character); if ($player->isLoaded()) { $account = $player->getAccount(); } if ($account->isLoaded()) { if ($account->getCustomField('email_code') == $code) { if (check_password($newpassword)) { $account->setPassword(password_ency($newpassword)); $account->save(); $account->setCustomField('email_code', ''); $main_content .= 'New password to your account is below. Now you can login.<BR> <INPUT TYPE=hidden NAME="character" VALUE="' . $character . '"> <TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%> <TR><TD BGCOLOR="' . $config['site']['vdarkborder'] . '" CLASS=white><B>Changed password</B></TD></TR> <TR><TD BGCOLOR="' . $config['site']['darkborder'] . '"> New password: <b>' . $newpassword . '</b><BR /> Account name: <i>(Already on your e-mail)</i><BR />';
if (empty($newchar_errors)) { $check_name_in_database = $ots->createObject('Player'); $check_name_in_database->find($newchar_name); if ($check_name_in_database->isLoaded()) { $newchar_errors[] .= 'Esse nome já está em uso. Por favor escolha um outro nome!'; } $number_of_players_on_account = $account_logged->getPlayersList()->count(); if ($number_of_players_on_account >= $config['site']['max_players_per_account']) { $newchar_errors[] .= 'Você tem muitos personagens em sua conta <b>(' . $number_of_players_on_account . '/' . $config['site']['max_players_per_account'] . ')</b>!'; } } if (empty($newchar_errors)) { $char_to_copy_name = $config['site']['newchar_vocations'][$world_id][$newchar_vocation]; $char_to_copy = new OTS_Player(); $char_to_copy->find($char_to_copy_name); if (!$char_to_copy->isLoaded()) { $newchar_errors[] .= 'Configuração de caracteres inválida. O caractere <b>' . $char_to_copy_name . '</b> não existe.'; } } if (empty($newchar_errors)) { if ($newchar_sex == "0") { $char_to_copy->setLookType(136); } $player = $ots->createObject('Player'); $player->setName($newchar_name); $player->setAccount($account_logged); $player->setGroup($char_to_copy->getGroup()); $player->setSex($newchar_sex); $player->setVocation($char_to_copy->getVocation()); $player->setConditions($char_to_copy->getConditions()); $player->setRank($char_to_copy->getRank());
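// Pick up the database settings from whichever config.lua layout is in use.
if (isset($server_config['mysqlHost'])) {
    // new (0.2.6+) ots config.lua file
    $mysqlhost = $server_config['mysqlHost'];
    $mysqluser = $server_config['mysqlUser'];
    $mysqlpass = $server_config['mysqlPass'];
    $mysqldatabase = $server_config['mysqlDatabase'];
    $sqlitefile = $server_config['sqliteDatabase'];
} elseif (isset($server_config['sqlHost'])) {
    // old (0.2.4) ots config.lua file
    $mysqlhost = $server_config['sqlHost'];
    $mysqluser = $server_config['sqlUser'];
    $mysqlpass = $server_config['sqlPass'];
    $mysqldatabase = $server_config['sqlDatabase'];
    $sqlitefile = $server_config['sqliteDatabase'];
}

// loads #####POT mainfile#####
include '../pot/OTS.php';

// PDO and POT connects to database
$ots = POT::getInstance();
if ($server_config['sqlType'] == "mysql") {
    $ots->connect(POT::DB_MYSQL, array('host' => $mysqlhost, 'user' => $mysqluser, 'password' => $mysqlpass, 'database' => $mysqldatabase));
} elseif ($server_config['sqlType'] == "sqlite") {
    $ots->connect(POT::DB_SQLITE, array('database' => $config_ini['server_path'] . $sqlitefile));
}

// Report whether the requested character name is already taken.
$name_db = new OTS_Player();
$name_db->find($name);
if ($name_db->isLoaded()) {
    echo '<font color="red"><b>Já existe um personagem com esse nome.</b></font>';
} else {
    // $name is assigned outside this excerpt and is presumably request input
    // (confirm against the top of the script). It is written into HTML, so it
    // is escaped for the HTML context here; a legitimate name looks the same.
    echo '<font color="green">O seu nome será: "<b>' . htmlspecialchars(ucwords($name), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</b>"</font>';
}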
} $main_content .= '<div id="form" style="background: ' . $config['site']['darkborder'] . ';border: 1px solid black;margin: 5px auto;width: 80%;padding: 5px;"><center><b>Form place.</b></center></div>'; $main_content .= '<table border="0" CELLPADDING=4 CELLSPACING=1 style="border: 1px solid black;margin: 0 auto;width: 80%;"> <TR BGCOLOR="' . $config['site']['vdarkborder'] . '" style="color: white;"> <tr bgcolor=\'#505050\'><td colspan=\'2\' class=\'white\'><center><b>Other systems</b></center></td></tr> <tr bgcolor=' . $config['site']['lightborder'] . '><td width="150"><b><a href="?subtopic=adminpanel&action=install_monsters">Reload Monsters</a></b></td><td><small><b>Load information about monsters from directory "/data/monsters/".</b></small> <b><small>[Delete old mosters configuration!]</small></b></td></tr> <tr bgcolor=' . $config['site']['darkborder'] . '><td width="150"><b><a href="?subtopic=adminpanel&action=install_spells">Reload Spells</a></b></td><td><small><b>Load information about spells from file "/data/spells/spells.xml".</b></small><br/><b><small>[Delete old spells configuration!]</small></b></td></tr> <tr bgcolor=' . $config['site']['darkborder'] . '><td width="150"><b><a href="?subtopic=adminpanel&action=npc_check_by_mappingfor&lng=en">Check NPCs</a> [EN]</b></td><td><b><small>Check items prices.</small></b></td></tr> </table><br/>'; } if (!empty($_GET['name'])) { $name = $_GET['name']; $name_new = $_GET['name_new']; $player = new OTS_Player(); $player->find($name); if ($player->isLoaded() && $player->isNameLocked()) { if ($name_new == $player->getOldName()) { if ($action == 'accept') { $main_content .= '<font color="green">Changed name from <b>' . $player->getName() . '</b> to <b>' . $player->getOldName() . 
'</b>.</font>'; $player->setCustomField('old_name', $player->getName()); $player->setCustomField('name', $player->getOldName()); $player->setCustomField('nick_verify', 1); $player->removeNameLock(); } elseif ($action == 'reject') { $main_content .= '<font color="green">Rejected proposition of change name from <b>' . $player->getName() . '</b> to <b>' . $player->getOldName() . '</b>.</font>'; $player->setCustomField('old_name', ''); } } else { $main_content .= '<font color="red">Invalid new name. Try again.</font><br>'; } } else {
// Secure the name against SQL injections. $name = isset($_GET['name']) ? $_GET['name'] : null; // Create a few necessary variables. list($row, $height) = array(0.5, 14); // Instantiate a new POT object. $ots = POT::getInstance(); // Connect to the database. $ots->connect(POT::DB_MYSQL, connection()); // Create a variable holding the database handle. $SQL = POT::getInstance()->getDBHandle(); // Instantiate a new OTS_PLAYER object. $character = new OTS_Player(); // Find a player. $character->find($name); // Return false in case a player was not found. if (!$character->isLoaded()) { // Send the headers. header('Content-type: image/png'); // Include the cache file. include BASEPATH_SIGNATURE . 'images/false-character.png'; exit; } // Get all the cache images. $cacheImages = scandir(BASEPATH_SIGNATURE . 'cache/'); // Loop through all of the cache images. foreach ($cacheImages as $cacheImage) { // Continue along until you find a matching cache image. if (!preg_match('/' . $character->getId() . '_([0-9]{10})\\.png/', $cacheImage)) { continue; } // Remove the player ID from the filename.
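/**
 * Accept a pending guild invitation on behalf of one of the logged-in
 * account's characters.
 *
 * Despite their names, both parameters are numeric IDs: they are cast to
 * int and passed to load(). The request is sent back to the guild list
 * when an ID is missing, the guild or player does not exist, the player
 * does not belong to the account in the session, or the player is not on
 * the guild's invite list.
 *
 * IDE::redirect() is defined elsewhere and it is not visible here whether
 * it ends the request, so every rejection path returns explicitly. Without
 * that, a redirect() that only sets a header would let execution continue
 * past the ownership and invitation checks to acceptInvite().
 *
 * NOTE(review): if this action is reachable through a plain link, it
 * changes state with no anti-CSRF token in view; confirm at the router.
 *
 * @param int|string $guild_name  Guild ID.
 * @param int|string $player_name Player ID.
 * @return void
 */
public function join($guild_name, $player_name)
{
    $guild_id = (int) $guild_name;
    $player_id = (int) $player_name;
    $guilds_url = WEBSITE . "/index.php/guilds";
    $ide = new IDE();

    if (empty($guild_id) or empty($player_id)) {
        $ide->redirect($guilds_url);
        return;
    }

    $ots = POT::getInstance();
    $ots->connect(POT::DB_MYSQL, connection());

    $guild = $ots->createObject('Guild');
    $guild->load($guild_id);
    if (!$guild->isLoaded()) {
        $ide->redirect($guilds_url);
        return;
    }

    $player = new OTS_Player();
    $player->load($player_id);
    if (!$player->isLoaded()) {
        $ide->redirect($guilds_url);
        return;
    }

    // Ownership check. A missing or empty session value is rejected outright
    // rather than being fed to the loose comparison, where null compares
    // equal to an account ID of 0.
    if (empty($_SESSION['account_id']) || $player->getAccount()->getId() != $_SESSION['account_id']) {
        $ide->redirect($guilds_url);
        return;
    }

    // The invites driver attaches itself to the guild in its constructor.
    require_once 'system/application/libraries/POT/InvitesDriver.php';
    new InvitesDriver($guild);

    $invited_list = $guild->listInvites();
    // NOTE(review): the element type returned by listInvites() is not visible
    // here, so the comparison is left non-strict; switch to strict matching
    // once it is confirmed to return integer IDs.
    if (!in_array($player->getId(), $invited_list)) {
        $ide->redirect($guilds_url);
        return;
    }

    $guild->acceptInvite($player);
    $ide->redirect(WEBSITE . "/index.php/guilds/view/" . $guild->getId() . "/1");
}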
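/**
 * Show a character page, or the character search form.
 *
 * With a name: looks the character up and renders view_character.php with
 * the player and its account, or redirects back to the search page when no
 * such character exists.
 * Without a name: renders character_search.php; when the form was posted,
 * the submitted name is looked up first and the request is redirected to
 * that character's page if it exists.
 *
 * IDE::redirect() is defined elsewhere and it is not visible here whether
 * it ends the request, so each redirect is followed by an explicit return;
 * previously the not-found path went on to render view_character.php
 * without the 'player' and 'account' entries.
 *
 * @param string|null $name Character name taken from the URL, if any.
 * @return void
 */
public function view($name = null)
{
    $ide = new IDE();

    if (!empty($name)) {
        // NOTE(review): 'character' is the raw URL value; the view must
        // escape it on output (the view is not visible here).
        $data = array('character' => $name);
        $ots = POT::getInstance();
        $ots->connect(POT::DB_MYSQL, connection());
        $player = $ots->createObject('Player');
        $player->find($name);
        if (!$player->isLoaded()) {
            $ide->redirect("../../character/view/");
            return;
        }
        $data['player'] = $player;
        $data['account'] = $player->getAccount();
        $this->load->view('view_character.php', $data);
        return;
    }

    $this->load->helper("form");
    if ($_POST) {
        // Accept only a scalar string; a missing or array-valued field is
        // treated as an empty name instead of raising a notice.
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $ots = POT::getInstance();
        $ots->connect(POT::DB_MYSQL, connection());
        $player = new OTS_Player();
        $player->find($name);
        if ($player->isLoaded()) {
            // Build the redirect target from the stored name rather than the
            // submitted POST value, so request data never reaches the
            // Location header.
            // NOTE(review): confirm whether the router expects this segment
            // to be URL-encoded.
            $ide->redirect("../character/view/" . $player->getName());
            return;
        } else {
            // The submitted name is escaped before it goes into the message.
            // error() is defined elsewhere; if it already escapes its
            // argument, drop the escaping here to avoid double encoding.
            error(htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " could not be found.");
        }
    }
    $this->load->view('character_search.php');
}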